6 certificate file formats – ZyXEL Communications ZyXEL ZyAIR NWA-3500 User Manual

Chapter 14 Certificates

ZyXEL NWA-3500 User’s Guide

167

14.6 Certificate File Formats

The certification authority certificate that you want to import has to be in one of these file
formats:

• Binary X.509: This is an ITU-T recommendation that defines the formats for X.509

certificates.

• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII

characters to convert a binary X.509 certificate into a printable form.

• Binary PKCS#7: This is a standard that defines the general syntax for data (including

digital signatures) that may be encrypted. The ZyXEL Device currently allows the
importation of a PKS#7 file that contains a single certificate.

• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses 64

ASCII characters to convert a binary PKCS#7 certificate into a printable form.

Valid From

This field displays the date that the certificate becomes applicable. The text

displays in red and includes a Not Yet Valid! message if the certificate has not yet

become applicable.

Valid To

This field displays the date that the certificate expires. The text displays in red and

includes an Expiring! or Expired! message if the certificate is about to expire or

has already expired.

Details

Click the details icon to open a screen with an in-depth list of information about the

certificate.
Click the delete icon to remove the certificate. A window displays asking you to

confirm that you want to delete the certificate.
You cannot delete a certificate that one or more features is configured to use.
Do the following to delete a certificate that shows *SELF in the Type field.
1. Make sure that no other features, such as HTTPS, VPN, SSH are configured to

use the *SELF certificate.
2. Click the details icon next to another self-signed certificate (see the description

on the Create button if you need to create a self-signed certificate).
3. Select the Default self-signed certificate which signs the imported remote

host certificates check box.
4. Click Apply to save the changes and return to the My Certificates screen.
5. The certificate that originally showed *SELF displays SELF and you can delete

it now.
Note that subsequent certificates move up by one when you take this action

Create

Click Create to go to the screen where you can have the ZyXEL Device generate

a certificate or a certification request.

Import

Click Import to open a screen where you can save the certificate that you have

enrolled from a certification authority from your computer to the ZyXEL Device.

Delete

Click Delete to delete an existing certificate. A window display asking you to

confirm that you want to delete the certificate. Note that subsequent certificates

move up by one when you take this action.

Refresh

Click Refresh to display the current validity status of the certificates.

Table 56 My Certificates (continued)

LABEL

DESCRIPTION